summaryrefslogtreecommitdiff
path: root/cmdline/apt-key
diff options
context:
space:
mode:
authorMichael Vogt <michael.vogt@ubuntu.com>2011-07-28 09:19:45 +0200
committerMichael Vogt <michael.vogt@ubuntu.com>2011-07-28 09:19:45 +0200
commit0b7d641cf12761c3dcc5edb4031adfc9709963e4 (patch)
tree5d12281c5f482e6f85636f57ef86a2dc92e8713c /cmdline/apt-key
parent7d79339f811aeebacb3f841bac6075fdfbadd03f (diff)
parented6ba81db1b2832089ea443cf0030ab3f15fda97 (diff)
* merged latest fixes from debian-sid
* apt-pkg/contrib/sha1.cc: - fix illegally casts of on-stack buffer to a type requiring more alignment than it has resulting in segfaults on sparc (Closes: #634696) * apt-pkg/contrib/cdromutl.cc: - fix escape problem when looking for the mounted devices * apt-pkg/contrib/strutl.{h,cc}, test/libapt/strutil_test.cc: - add new DeEscapeString() similar to DeQuoteString but unescape character escapes like \0XX and \xXX (plus added test) * refresh po/* * cmdline/apt-get.cc: - fix missing download progress in apt-get download - do not require unused partial dirs in 'source' (Closes: #633510) - buildconflicts effect all architectures - implement MultiarchCross for build-dep and source (Closes: #632221) * cmdline/apt-key: - use a tmpfile instead of /etc/apt/secring.gpg (Closes: #632596) * debian/apt.postinst: - remove /etc/apt/secring.gpg if it is an empty file * doc/apt-cache.8.xml: - apply madison typofix from John Feuerstein, thanks! (Closes: #633455) * apt-pkg/policy.cc: - emit an error on unknown APT::Default-Release value (Closes: #407511) * apt-pkg/aptconfiguration.cc: - ensure that native architecture is if not specified otherwise the first architecture in the Architectures vector * apt-pkg/deb/deblistparser.cc: - Strip only :any and :native if MultiArch should be stripped as it is save to ignore them in non-MultiArch contexts but if the dependency is a specific architecture (and not the native) do not strip
Diffstat (limited to 'cmdline/apt-key')
-rwxr-xr-xcmdline/apt-key5
1 files changed, 4 insertions, 1 deletions
diff --git a/cmdline/apt-key b/cmdline/apt-key
index 843163f82..e632be706 100755
--- a/cmdline/apt-key
+++ b/cmdline/apt-key
@@ -5,9 +5,12 @@ unset GREP_OPTIONS
# We don't use a secret keyring, of course, but gpg panics and
# implodes if there isn't one available
-GPG_CMD='gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg'
+SECRETKEYRING="$(mktemp)"
+trap "rm -f '${SECRETKEYRING}'" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
+GPG_CMD="gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring ${SECRETKEYRING}"
if [ "$(id -u)" -eq 0 ]; then
+ # we could use a tmpfile here too, but creation of this tends to be time-consuming
GPG_CMD="$GPG_CMD --trustdb-name /etc/apt/trustdb.gpg"
fi